← Back

Lenovo Thinkmanagement Console

lenovo_thinkmanagement_console

Vendor: Landesk • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-1196
1Landesk
1Lenovo Thinkmanagement Console
Apr 29, 2026
Feb 18, 2012
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. (dot dot) in the filename...Show more
Directory traversal vulnerability in the VulCore web service (WSVulnerabilityCore/VulCore.asmx) in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to delete arbitrary files via a .. (dot dot) in the filename parameter in a SetTaskLogByFile SOAP request.Show less
CVE-2012-1195
1Landesk
1Lenovo Thinkmanagement Console
Apr 29, 2026
Feb 18, 2012
N/A· v4
N/A· v3
7.5 HIGH· v2
Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary co...Show more
Unrestricted file upload vulnerability in andesk/managementsuite/core/core.anonymous/ServerSetup.asmx in the ServerSetup web service in Lenovo ThinkManagement Console 9.0.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via a PutUpdateFileCore command in a RunAMTCommand SOAP request, then accessing the file via a direct request to the file in the web root.Show less